-
Cathy Luo authored
Following crash issue is observed during TCP traffic stress test [ 2253.625439] NMI watchdog: BUG: soft lockup - CPU#3 stuck for 22s! [kworker/u17:1:5191] [ 2253.625520] Call Trace: [ 2253.625527] [<ffffffffc0b47030>] ? moal_spin_lock+0x30/0x30 [usb8xxx] [ 2253.625533] [<ffffffffc0ac3ceb>] ? wlan_wmm_lists_empty+0xb/0xf0 [mlan] [ 2253.625537] [<ffffffffc0ab0ea3>] mlan_main_process+0x1b3/0x720 [mlan] [ 2253.625540] [<ffffffffc0b337f5>] woal_main_work_queue+0x45/0x80 [usb8xxx] [ 2253.625543] [<ffffffff8108aaf0>] process_one_work+0x150/0x3f0 [ 2253.625545] [<ffffffff8108b1e1>] worker_thread+0x121/0x520 [ 2253.625547] [<ffffffff8108b0c0>] ? rescuer_thread+0x330/0x330 [ 2253.625549] [<ffffffff81090222>] kthread+0xd2/0xf0 [ 2253.625551] [<ffffffff81090150>] ? kthread_create_on_node+0x1c0/0x1c0 [ 2253.625553] [<ffffffff8179423c>] ret_from_fork+0x7c/0xb0 [ 2253.625555] [<ffffffff81090150>] ? kthread_create_on_node+0x1c0/0x1c0 In mwifiex_usb_tx_complete(), we are updating port->block_status first and then freeing the skb attached to that URB. We may end up attaching new skb to URB in a corner case and same will be freed. This results in the kernel crash. The problem is solved by changing the sequence. Signed-off-by:
Cathy Luo <cluo@marvell.com> Signed-off-by:
Shengzhen Li <szli@marvell.com> Signed-off-by:
Amitkumar Karwar <akarwar@marvell.com> Signed-off-by:
Kalle Valo <kvalo@codeaurora.org>
1afac196
